Loading
Sign in to access editorial features
Get the latest articles & tutorials in your inbox
Loading
Free online tool
Get clear, instant password guidance without sending the password anywhere.
Local-only check
Spaces and Unicode characters are accepted. Maximum 1,024 characters.
Enter a password to check its strength.
This estimate is guidance, not a guarantee. It cannot detect password reuse, every breached password, phishing, or malware.
The checker estimates strength from length, character variety, and predictable patterns. It rewards longer passwords and passphrases, while lowering the score for common passwords, repetition, sequences, and keyboard walks.
Long passwords generally give attackers more possibilities to test. Uniqueness matters just as much: reusing even a highly rated password can put several accounts at risk after one service is breached.
Use a reputable password manager to keep a unique password for every account, and enable multi-factor authentication wherever it is available.
Privacy: Your password is checked locally and is never stored or sent.
No. Evaluation happens locally in your browser. The checker does not send, store, log, or save your password or its result.
Use at least 12 characters, and prefer 16 or more. A long passphrase made from unrelated words can be both strong and easier to remember.
No. Every account should have a unique password so that one breach does not expose your other accounts.
A reputable password manager can create and store long, unique passwords. Multi-factor authentication adds another useful layer of protection.